Apple Makes Gatekeeper a Friendly Signpost in Mountain Lion

It’s hard to put one’s finger on it. Announcements from Apple, from time to time, have been unhappy affairs. The new Gatekeeper in Mountain Lion, however, is elegant, thoughtful and pleasing. It builds confidence instead of concern. Perhaps it’s a sign of changes at Apple.

For the past year or so, Apple has made some decisions that gave us pause. The terms of the iBooks Author EULA raised a ruckus. The changes in Final Cut Pro X left some people edgy and unsatisfied. The iosification of iOS and OS X worries many, not about the technology, but Apple’s motives. The last minute announcement of WWDC last year gave zero time for business approvals. And the sudden, vigorous promotion of sandboxing created developer angst, showcased in the developer interviews we’ve done.

Today was different. The disclosure method of OS X 10.8, Mountain Lion, was a breath of fresh air. The handling of Gatekeeper, in particular, brings a strong sense of assurance that Apple has taken some time to absorb feedback and think things out. Whether this is a by-product of Tim Cook’s new leadership, I can’t say for sure. It seems like it may be.

#6. Lion Tweaks. Apple will introduce a heavily revised version of Lion, 10.7.x at WWDC 2012, and perhaps it will affectionately be called Lion Cub. It’ll be the result of some better thinking about how to handle the movement to iOS integration, installation, gestures, versioning, and sandboxing. It’ll defuse the brewing irritations and make the developers and users a lot happier.”

Apple has actually done better than that. The company has committed to a yearly OS X release schedule and announced a major new OS revision, Mountain Lion, even earlier than WWDC. But what particularly interests me and pleases me is the handling of Gatekeeper and the comment I made about “defuse the brewing irritations.”

For example, if you had asked me a week ago about how Apple would approach this matter, I would have suggested that Apple might prevent unsigned, non-sandboxed apps from running in OS X 10.8. That would have restricted us to the Mac App Store, and there would have been a huge backlash. Developers and technical columnists would bash Apple for being heavy handed, while apologists would say, “Iit’s all for the good of users.” And the fuss would start all start again.

But that’s not what Apple did.

Instead, Apple stepped back and thought out the process, customer and developer needs, and basic psychology. Sensible options have been provided that account for the special needs of most users. With Gatekeeper, you have three options for allowable downloads: 1) Mac App Store only, 2) MAS and identified developers (those who are registered with Apple) or 3) Any app at all from anywhere.

Mountain Lion’s Gatekeeper preferences

You’re in control and can make informed decisions about how to handle unsigned apps. You can change the the option from time to time to meet a need. (Although once an app is blessed, it stays blessed — unless it’s modified by malware and its digital signature is thereby altered. Then Apple can remotely disable it.) So if you want to install a special, unsigned app that also may not even be sandboxed, and you trust the developer, go for it.

The net result of this, at least for me, is considerable glee. Apple did the absolute right thing for the right reasons.

Now some might say that it’s just a stepping stone. Apple is boiling our frog for the day when unsigned apps cannot be run at all. My reaction, however, is that we can only judge Apple by its actions now. If Apple keeps on doing the right things, builds our confidence and eliminates irritations, then its harder to be convinced that it’s all a sham, a prelude to something really nasty and irritating that will come later.

For example, as the culture of our Macintosh community evolves, there may well come a day when there’s no conceivable reason why we would want to run unsigned apps. Let’s go ahead and let that meme evolve naturally rather than force it with a heavy hand.

This Gatekeeper design in Mountain Lion is a breath of fresh air. I hope these felicitous decisions keep coming. Lots of them.

Popular TMO Stories

Agreed, Gatekeeper is a great idea, and I think it bodes well. Consider recent Apple History:

Gatekeeper. Well designed, well though out. Solves a real problem. (You try to tell users not to run apps off of this list of sites and yes you can run from this other list but only if they pass AntiVirus scan. Yeah that’ll work. This makes it simple to set and forget.

Cook’s appearance at Goldman Sachs where he came off as clear, concise, personable, passionate about Apple and it’s products.

A reference from John Gruber I posted today from his initial impressions of Mountain Lion where he said

The recurring theme: Apple is fighting against cruft ? inconsistencies and oddities that have accumulated over the years, which made sense at one point but no longer ? like managing to-dos in iCal (because CalDAV was being used to sync them to a server) or notes in Mail (because IMAP was the syncing back-end). The changes and additions in Mountain Lion are in a consistent vein: making things simpler and more obvious, closer to how things should be rather than simply how they always have been.

Things are looking up. Unlike Lion I’m really looking forward to Mountain Lion. The hardware pipeline is full of great things this year. Apple is hitting on all cylinders in every way.

I’m even going to say something that may be considered blasphemous by some. Being CEO is more than just having good ideas. It’s leadership, it’s keeping all the cats going in the same direction, it’s seeing the big picture and the details. Steve Jobs was a great person but he was very ill his last few years. I think Cook in his first year in charge is doing a better job than Jobs did in his last couple. Apple was getting a bit messy, a little frayed around the edges.

Gatekeeper is interesting and a good thing. I am also interested in how the new Messages, Contacts and Calendars apps are going to work. The continued iCloud integration is also good even though such was expected.

I was taken by surprise by the way Apple previewed all this with the media. To me this is the one thing that was different from the past.

As the guy who has to do tech support (not that much, thankfully, since it’s mostly Apple hardware) for two sets of parents, several grandparents, and a wife and three children, I couldn’t be happier about Gatekeeper. My main box will take the middle option (MAS or signed) because according to Gruber, Shilling says you can control-click to turn it off on an as-needed basis to install an unsigned app, and the rest of the time I would just as soon leave it on. For all those whose computers and iOS stuff I support by default, I already have them using the MAS for everything, so this will let me close the door against unforeseen web-fed or otherwise sketchy executable code.

If they made it MAS-only, I think a lot of us would have been upset, and rightly so. A computer is SUPPOSED to be capable of running outside a curated environment if you’re technically knowledgeable enough to maintain it. Thing is, that’s not most people. So what they’ve done here makes sense AND helps solve the problem.

I breathed a HUGE sigh of relief at this announcement, it’s a fantastic implementation that allows for further evolution as our needs grow and change. I’m really enjoying Messages too, though the beta-bugs are definitely biting it’s great to have such a seamless tool. I was feeling very pessimistic about Apple in recent months, Mr. Cook’s actions these past number of weeks have restored my faith completely. Could it be Apple’s best days do indeed lie ahead? I think it’s possible.